Name
Global FinTech Guide
Country _ Name
Uruguay
SectionTitle
KYC requirements
Body
The know your customer or know your client (KYC) guidelines and regulations for financial services require that professionals try to verify the identity, suitability, and risks involved with maintaining a business relationship.

Legal affairs

National regulatory framework regarding AML and effective date of the regulations

  1. Anti-Money Laundering Law No. 19,574, effective as of January 10, 2018.
  2. Decree No. 379/018, effective as of November 20, 2018. 
  3. Financing of Terrorism Law No. 19,749, effective as of May 29, 2019.
  4. Decree No. 136/019, effective as of May 29, 2019.
  5. Financial System´s Control and Regulatory Regulations issued by the CBU; current AML sections effective as of November 23, 2018.

National regulator or relevant authority for AML controls

The main regulator for AML controls is the Anti-Money Laundering and Terrorism Financing Secretary. However, in the financial sector, the CBU, acting through the UIAF (Unit of Financial Information and Analysis) also plays an important role.

Customer Due Diligence

Conduct of a typical KYC identification process

The due diligence process varies in scope depending on which is the entity performing the due diligence. In certain cases, the face-to-face identification is required. In other cases, it is sufficient to obtain and verify certain personal and business information. However, minimum standards for KYC identification process include obtaining the following data:

  1. For natural persons:
    • Full name and last name.
    • Place and date of birth.
    • Identification document and number.
    • Tax identity number.
    • Civil status.
    • Domicile and phone number.
    • Profession.
    • Income.

  2. For legal entities:
    • Name.
    • Date of incorporation.
    • Domicile and phone number.
    • Tax identity number.
    • Tax identity number.
    • Articles of incorporation and good standing certificate.
    • Income.
    • Corporate structure.
    • Compliance with Ultimate Beneficial Owners Law No. 19,484.

Possibility to meet customer due diligence requirements by relying on third parties who are obliged by law themselves to comply with AML regulations

Yes, with the authorization of the CBU, either prior, express or tacit, provided that certain requirements are met. However, regulated entities shall at all times hold the ultimate responsibility for the proper identification and knowledge of their customers, and shall verify the proper application of their due diligence procedures by the third party who takes care of the process. In any case, regulated entities are still obliged to have their own Compliance Officer, regardless of whatever service a third party may provide. 

Furthermore, third-party services may not be used to monitor accounts and transactions for the purpose of detecting unusual or suspicious patterns in customer behaviour.

Possibility to outsource customer due diligence by contract to other third parties who are not obliged by law to meet AML regulations and rely on these (e.g., WebID, IDnow, PostIdent)

Yes. Certain financial regulated entities are allowed to outsource customer due diligence obtaining prior authorization from the regulator (and shall hold the final responsibility); others may only outsource the due diligence on parties who are obliged by law to meet AML regulations.

Presence of a license or registration requirement for the third party in case of outsourcing customer due diligence

4> Customer due diligence outsourcing is only permitted for limited entities. The outsourced party must comply with specific requirements set forth by the CBU´s regulations. As a general rule the outsourcing will need to be previously authorized by the CBU. However, in certain cases the outsourcing will be considered as authorized provided the outsourcing complies with specific requirements.

The relevant authority for outsourcing customer due diligence services is the CBU. The requisites for the outsourcing will depend on which is the entity that wishes to outsource such services. However, as a general rule, the requisites are the following:

    i. The outsourced entity must apply the due diligence proceedings established by the outsourcing entity.
    ii. The outsourcing entity must obtain and preserve the relevant information and documentation for the identification of the customers.
    iii. The outsourcing entity will be responsible and liable for the due diligence outsourced services.
    iv. The outsourcing may not be used for monitoring accounts and transactions in order to detect patterns in the behaviour of the customers.
    v. The outsourced entity must be a financial entity registered before the financial regulator and such regulator must control and supervise the due diligence process applied by the outsourced entity.
    vi. The outsourced party must be based in a country that is not under the application of special measures by the Financial Action Task Force.
    vii. The outsourcing must be regulated in written agreement that must contain certain clauses.

Notwithstanding the above, all outsourcings will need to be analysed on a case-by-case basis.     

Further questions

Entities that could be relied on specifically by law as a third party to comply with AML regulations (regardless of outsourcing)


No credit institutions
No financial institutions
No auditors, external accountants, and tax advisors
No notaries and other independent legal professionals
No other trust or company service providers
No estate agents
No other persons trading high-value goods
No providers of gambling services
Yes Depending on the case, entities who are themselves obliged to perform due diligence. In all cases the final responsibility resides on the hiring party.


Authors

NameOrganisationEmail
There are no records.

Close

Choose country